Invision Power Top Site List Comments function id Parameter SQL Injection Vulnerability
BID:9945
Info
| Bugtraq ID: | 9945 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 22 2004 12:00AM |
| Updated: | Mar 22 2004 12:00AM |
| Credit: | Discovery is credited to JeiAr <[email protected]>. |
| Vulnerable: | Invision Power Services Invision Power Top Site List 1.1 RC2; Invision Power Services Invision Power Top Site List 1.1; Invision Power Services Invision Power Top Site List 1.0 |
| Not Vulnerable: | |
Discussion
Invision Power Top Site List is reported to be prone to an SQL injection vulnerability. The 'id' URI parameter handled by the 'comments' feature of the 'index.php' script is not sufficiently sanitized before it is used in a database query, so a remote attacker can supply input that modifies the query logic, which may lead to other attacks against the backend database.
Invision Power Top Site List versions 1.1 RC2 and prior are reported to be prone to this issue.
Exploit / POC
No exploit is required.
The following proof of concept has been provided:
index.php?act=comments&id=[Evil_Query]
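The proof of concept above leaves [Evil_Query] to the reader. The following is an added example, not code from Invision Power Services or from the original advisory, that shows the bug class behind it: a numeric 'id' request parameter interpolated straight into query text, and the hardened form of the same lookup. The schema, table and column names (comments, members, pass_hash) and the sample rows are constructed for this illustration and are not the product's real schema; SQLite stands in for the MySQL backend.

```python
"""Added example: unsanitised numeric 'id' parameter reaching a query,
beside the corrected version. Not the Top Site List source; the schema
and rows below are constructed for illustration only."""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory database standing in for the application tables."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE comments (id INTEGER, site_id INTEGER, body TEXT);
        INSERT INTO comments VALUES (1, 7, 'great list'),
                                    (2, 7, 'nice'),
                                    (3, 8, 'other site');
        CREATE TABLE members (id INTEGER, name TEXT, pass_hash TEXT);
        INSERT INTO members VALUES (1, 'admin', '5f4dcc3b5aa765d61d8327deb882cf99');
        """
    )
    return conn


def comments_vulnerable(conn: sqlite3.Connection, id_param: str) -> list:
    """Mirrors the reported bug: the request parameter is pasted into the
    query text in a numeric context (no quotes), so a value such as
    '7 OR 1=1' or '0 UNION SELECT ...' rewrites the query logic."""
    sql = f"SELECT id, site_id, body FROM comments WHERE site_id = {id_param}"
    return conn.execute(sql).fetchall()


def is_valid_id(id_param: str) -> bool:
    """Allow-list check: a site id is a plain non-negative integer."""
    return id_param.isdigit()


def comments_fixed(conn: sqlite3.Connection, id_param: str) -> list:
    """Hardened form: reject anything that is not a plain integer, then
    bind the value as a parameter instead of interpolating it."""
    if not is_valid_id(id_param):
        raise ValueError("id must be a non-negative integer")
    sql = "SELECT id, site_id, body FROM comments WHERE site_id = ?"
    return conn.execute(sql, (int(id_param),)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print("normal:", comments_vulnerable(db, "7"))
    print("OR 1=1:", comments_vulnerable(db, "7 OR 1=1"))
    print("UNION:", comments_vulnerable(db, "0 UNION SELECT id, 0, pass_hash FROM members"))
    print("fixed, normal:", comments_fixed(db, "7"))
    print("fixed rejects payload:", not is_valid_id("7 OR 1=1"))
```

The UNION case is the one to test for during triage: if the parameter is unquoted, the attacker does not need to break out of a string, and the only constraints are matching the column count of the original SELECT. The fix does two independent things, an integer allow-list and a bound parameter; either alone closes this injection, and using both means a later refactor of the query cannot silently reopen it.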
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
References:
- Invision Top Site List Homepage (Invision Power Services)
- Invision Power Top Site List SQL Injection Vulnerability (JeiAr)